EVENT REVIEW: Kevin Mitnick’s visit to Mexico

<Translated from Spanish using Google Translate>

One of the most famous hackers in the world visited Mexico City and gave a lecture where he even showed some hacking tricks. It was an incredible experience.

Kevin Mitnick is known as the most famous hacker in the world. It all started from his initial interest in magic, which led to the magic of telephony and what could be done with it. Mitnick understood that he could do a series of tricks to get into other systems. For example, at age 13 he found out how to skip the card system that was used in the bus system of the city of Los Angeles. Much of it did not through complex programming techniques, but social engineering, that is, talking to people assuming identities of employees of the company to which he wanted to get information. With this he could, for example, talk to the people of Motorola and get in about 15 minutes, the source code of one of his most popular phones.

In 1979 he managed to illegally enter a computer network, after a friend gave him the Ark phone, a computer system of the company DEC. Mitnick simply copied the software from the company and when he was arrested, he was sentenced to 12 months in prison, with 3 more years of supervision. Near the end of this period, Mitnick hacked Pacific Bell's voicemail system. When the authorities learned that he was behind this, he was started looking for the United States and Mitnick became a fugitive for two and a half years.

But all this had the predictable end: Mitnick was arrested on February 15, 1995, in his apartment in Raleigh, North Carolina, with federal charges that included a number of crimes in that period when he was a fugitive from justice. He was then charged with cyber fraud (14 counts), possession of unauthorized devices (8 counts), interception of electronic communications, unauthorized access to a federal computer and damage to computer equipment. In 1999 Mitnick pleaded guilty to one of those charges and was sentenced to 46 months in prison, plus 22 months for violating the terms of his 1989 release.

Kevin Mitnick spent five years in prison, four and a half years since the trial and 8 months in solitary confinement because, according to Mitnick, the lawyers convinced the judge that he could "start a nuclear war by whistling him on a telephone."

Finally, on January 21, 2000, he was released. During this time, he was initially prohibited from using any communication technology other than a residential telephone. Mitnick fought such a decision and eventually won the case with which he had access to the Internet. Mitnick also could not commercialize in books or any other medium his history for being, according to the American justice, a series of criminal acts. But this limitation was terminated in 2007.

It must be said that Mitnick never took advantage of his activities. He did not sell information, passwords or illegally obtained software. His activity was simply motivated by the desire to learn and to see that there were no inviolable systems. And also, he made it clear that it does not require great technical skill (which he certainly has), but to do this social engineering to make passwords, or enter a building where supposedly only authorized personnel have access. Mitnick is not the first to take advantage of this social engineering, but he is one of the best in this sense, because when he was interested in something, he achieved it without hesitation, without showing emotions that could show it.

After this story about this important hacker, Mitnick was eventually considered "rehabilitated" and decided to start a consulting company on computer security, which seems to have been a success. Kevin Mitnick is hired in many countries not only to help protect companies, both public and private, from crackers and hackers, but also, he gives talks and lectures about it.

And this was what he did on October 31, 2017, in a talk he gave at the Masaryk Forum, sponsored by Microsoft. Kevin Mitnick clearly has a perfectly prepared talk and in about an hour and a half showed some of his tricks, talked about certain details of his life as a hacker and finally showed how to protect against all kinds of difficulties, including ransomware viruses like WannaCry .

It was remarkable what Mitnick did. He showed how to clone cards (such as those used in certain hotels to open the locks of the rooms), as well as teach some tools (hardware and software), to be able to get information that they have on the magnetic cards without the user Do not even notice. For example, a few years ago, thanks to the electronic equipment he carried in his backpack, Mitnick made more than a hundred credit card data by simply walking through the halls of a conference he attended.

At the end of the event, Mitnick made a couple of gifts to all of us who could attend the event: his book: "Ghost in the Wires", written together with William L. Simon and his business card, which is made of metal and contains "A set of picks".

If I had to say something about Kevin Mitnick, I could confess that I never thought the world was such an unsafe place. I thought that finally the hack could only be done via a technical skill that only a few possess. However, that was frankly denied by Mitnick himself. And when he signed the book I told him that I hated that he had opened my eyes like that. I told him that more than ever I felt unprotected. He smiled and answered something like this: "if I managed to tell you the reality in this sense, my work is done".

This great event review and other interesting articles can be found at the source.


Topics: Social Engineering, DEC, keynote speaker, Mexico City, Microsoft, Motorola, North Carolina, Pacific Bell, Raleigh, security consulting, Masaryk Forum, arrest, Ghost in the Wires, Kevin Mitnick

Latest Posts

Kevin offers three excellent presentations, two are based on his best-selling books. His presentations are akin to technology magic shows that educate and inform while keeping people on the edge of their seats. He offers expert commentary on issues related to information security and increases “security awareness.”

How to Prioritize Your Pentesting Report’s Remediation Recommendations

If you recently received a penetration test, you’re on the right track to improving your cybersecurity posture. However, you may be wondering what the..

Read more ›

Understanding Post-Inoculation Cybersecurity Attack Vectors

If you’ve recently improved your cybersecurity posture, you should know that the work to protect your company’s data is not over.

Read more ›

Password Management Best Practices: How Secure Are Password Managers?

Password managers are convenient tools for storing, organizing, and accessing passwords. But are they safe from cyber attacks?

Read more ›